BeBop Sync service will move content from S3 to BeBop editorial storage. To accomplish this, customers can attach the following bucket policy to their S3 buckets to grant access to BeBop without sharing the AWS keys.

Please replace BebopCustomerRole with the role provided to you and BucketName with the bucket name the policy is applied to.




    "Version": "2012-10-17",

    "Id": "Policy1500414757803",

    "Statement": [


            "Sid": "Stmt1500414754089",

            "Effect": "Allow",

            "Principal": {

                "AWS": [ "arn:aws:iam::320920465553:role/BebopCustomerRole", "arn:aws:iam::320920465553:user/BebopCustomerRole" ]


            "Action": [







            "Resource": [







For Read-Only Access please omit 



Please provide us with the following information:

  • If there are 2 buckets
    • Bucket name content going into BeBop
      • Ex: /dark-knight-to-bebop
    • Bucket name for content coming out of BeBop
      • Ex: /dark-knight-from-bebop
  • If there is only 1 bucket with read/write permissions
    • Bucket name and sub-folder for content going into Bebop
      • Ex: /dark-knight/trailer/dailies
    • Bucket name and sub-folder for content coming out of Bebop
      • Ex: /dark-knight/trailer/selects

Step By Step

1. Login to AWS Console and go to S3 Console.

2. Click on the desired bucket.


3. Select Permissions Tab and Click on Bucket Policy.  

4. Paste the bucket policy (from above). Replace the BebopCustomerRole & BucketName.


For any questions or problems, please create a ticket on the BeBop Helpdesk.

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.